Ransomware infects narrowcast radio station

Monday 15 May, 2017

It was recently radioinfo shared an update on Josh Agnew, Australia's youngest GM and station owner at just 12 years of age.

In a blow to Pulse FM the youth community/narrowcast radio station Josh built, a new strain of ransomware — malicious software that encrypts a computer’s files and then demands payment to unlock them, has destroyed all the station's data including documents, videos and pictures.

Tens of thousands of Windows computers were taken hostage by the software simultaneously around the world including FedEx.

"I was logged into our server managing the backups on Friday night when the server got infected with malware, meaning that the virus could see our backups, and basically destroyed our backups.

"After discovering that the Bitcoin link to pay the ransom is the same for all infected computers worldwide, we have decided not to pay the ransom, as there is no way the hackers/scammers would be able to link a certain payment with a certain computer.

"Unfortunately, we have lost years worth of documents, video and images. We still have a chunk of our audio library unencrypted including all station imaging and certain types of music."

However in some good news, "a certain radio network" helped out with the music, supplying a copy of their music library.

Josh (left) is now moving all windows server applications with a Linux version available (Icecast, Shoutcast, Custom Scripts etc) to Virtual Linux platforms on ESXi servers.

"We are also in the process of upgrading all our existing Server 2008 R2 machines to Server 2012, and upgrading all Windows 7 workstations to Windows 10. We are in the process of installing all the latest patches and updates on all our machines including servers.​

"We have now purchased various external hard drives for cold offline backups, several new NAS's for an extra layer of storage, more off-site storage in a datacenter, installed Symantec Endpoint Protection on all servers, workstations and laptops, and have purchased a new offline server that will mirror our primary server."